Manualshelf

HP-UX AAA Server A.08.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software
281282283284285286287288289290
Associating Address Pools with Realms and Other Conditions
Use the following steps to associate address pools with realms and other conditions by modifying
HP-UX AAA Server decision files. Refer to Chapter 26: “Customizing the HP-UX AAA Server Using
the Finite State Machine” (page 290) andChapter 27 (page 300) for more information. The following
steps and examples associate an IP address pool named test_pool with a realm named test.com.
1. Create a policy file in/etc/opt/aaa/dhcp.grp as follows:
Group NORMAL {
Condition {
(User-Realm = test.com)
}
Reply {
Decision = ACK
Interlink:Address-Pool = "test_pool"
}
}
Group NORMAL {
Reply {
Decision = ACK
}
}
2. Define a new state named CheckTestPolicy to check for the policy you created in Step
1. Replace the following lines in /etc/opt/aaa/radius.fsm as follows:
Replace:
UserDone:
*.*.ACK POLICY AuthWait
*.*.NAK REPLY Hold
With:
UserDone:
*.*.ACK POLICY CheckTestPolicy
*.*.NAK REPLY Hold
CheckTestPolicy
*.*.ACK POLICY AuthWait Xstring=decisionfile:dhcp.grp
*.*.NAK REPLY Hold
286 Using DHCP